 Incident Command Team
 Each incident procedure requires management.
Whether from different departments
of a company which owns or leases a facility, from the port, from the ships,
area jurisdictions, mutual aid partners, or from State and Federal agencies,
these entities need to be able to respond, plan, prepare and communicate with
each other. The Incident Command Team section consists of menus that link to tiered levels of command.
The users are able to quickly
identify the names, position titles, contact information and the roles of each
position. NIMS standards require uniform titles for some positions. Data from
each screen may be printed as a report.
|
Security Incident
Management
Incident management is driven by security incident procedures. Each incident
will have its own set of planning, training, drills/exercises, deployment of
personnel/equipment/supplies, communication, preparedness, response,
prevention/mitigation and recovery components and procedures. In addition,
procedures for each incident and incident component differ as Navigational &
Vessel Inspection Circulars (NVIC) and Maritime Security (MARSEC) Directives are
issued.
A security plan that is comprehensive and prepared for all security
eventualities, from threats and crisis early warning signs to actual security
crises, is possessed with a list of specific security incident procedures that
could run into the thousands. The SeaPort Security Software (SPSS) program
provides a well-organized framework with supporting data acquisition,
formatting, exchange and reporting methods which all help to manage and strengthen
incident procedures. The Security Incident Management section provides a cost
effective method to organize, implement and keep incident procedures up to date.
Reports of the procedures are made available in electronic or hard copy form.
Security Incidents & Incident Components
 The Security Incident drop-down menu will
contain a list of security incidents. The Incident
Component menu will show a list of components.
The Drills Logs
button is a link to the file for logging Training, Drills and Exercising events.
Management Standards
NIMS sets minimum standards for many incident procedures, particularly response,
preparedness, resource management and communications. SPSS provides the means to
efficiently and economically manage these procedures per required standards.
MARSEC Levels, Procedures and Latest Directives
The text boxes named 1, 2 &
3 indicate procedures for security incidents that are different
for each MARSEC level. They contain the procedures dictated
by the selections that are made in the Security Incident
and Incident Component menus above. The
Record button will show the user a record of
changes in MARSEC Levels including receiving, compliance, confirmation by date
and time, and notification of stakeholders. The Notice To Entities
menu provides quick access to predetermined links for communication with
Incident Command Team members. |
Incident Management Capabilities Audit & Measures
A facility audit is conducted with the protocols for
the analysis of existing vulnerabilities and management capabilities.
Determinations and measures or counter measures are made to meet required
standards. The Vessel Security Plan (VSP) and the Area Maritime Security
Plan (AMSP) use a set of protocols, directives, questions and measures
that are specific to their operations. The number of questions is
typically a large number and is quickly downloaded to the SPSS program.
The particular entity records the answers in the appropriate box in the
Audit screen. Questions with a "not satisfactory" (NS) answer and
those answers that are not accepted are automatically assigned to the
Measures data file
Incident
Management Capabilities Audit
 The Audit is a self-administered electronic question and answer form that
is done annually or periodically. The questions address conditions,
vulnerabilities, deficiencies and the capabilities of the entity's
security incident management.
The Audit is combination of questionnaires developed by regulatory
agencies. In the case of Facility Security Plans, questions of the USCG
Facility Security Plans Review Checklist for General Facilities are
required. NIMCAST of the National Incident Management System and other
jurisdictional agencies with performance-based mandated standards also
require compliance. |
Incident Management Capabilities Measures
 Measures are defined as a series of steps toward an objective. For efficiency of
dealing with most all measures, they are put into two categories:
1) Those that
involve personnel procedures and,
2) Those that involve physical/structural
initiatives.
The initiation of personnel measures that are required to meet compliance
is managed with the Security Incident Management section. The initiation
of physical, structural, equipment, operating and security systems measures is
managed with the use of the applicable Facility, Vessel or Area Maritime
Structures Measures.
Measures for Action and
Priority are displayed. Audit and Measures Reports are
produced automatically and may be configured to report summaries of actions by
priority, and time schedules for implementation. |
Facility Structures Audit & Measures
The Facility Structures Audit & Measures area consists of two screens: the Facility Structures Audit and the Facility Structures Measures. The disposition,
arrangement and working condition of buildings, structures, equipment, security
and alarm systems, or the absence thereof, have a major impact on the security
of the site, structures and personnel. Each screen has linkages to maps and
graphic images. Locations are marked upon the various images to permit audit
team members to better visualize the interface of a wide range of incident
procedures with the condition of the physical facility and its ability to meet
security needs.
The purpose of the Facility Structures Audit is to record observations and
deficiencies of physical items that are located on the site or in and on
structures. A secure access electronic intra/inter network may be implemented to
communicate site-specific data.
Facility Structures Audit
 Physical facility, structures and site data is acquired with portable pen-based
computing technology or with hard copy forms and then downloaded. Data that is
recorded on the screen is referenced to a numbered location on a site map or
building plan image.
The Item menu consists of 8 categories
of items, which comprise the entire physical FACILITY. They are: Site, Site
Access, Site Perimeter, Structures, Doors, Security Systems,
Mechanical Electrical Systems, and Communication Systems. Each of the 8
items is broken down into its diverse parts, which describe each Item in
more detail. This detailed data is selected from the
Feature drop-down menu. The View box selects the maintenance record of an
Item/Feature.
Observations and Deficiencies (Obs/Def) and
Priorities are selected from
drop-down menus. The data that is generated from this screen is incorporated with
Measures data. |
Facility Structures Measures
 The purpose of the Facility Structures Measures is to assess the options for
bringing the physical plant/facility items that have been discovered to be
deficient into compliance. A Costs estimating
section is included with the
Measures screen to assist management in making decisions about capital
expenditures. Financial analyses protocols are available that perform Life Cycle
Cost and Least Cost Combination of Capital and Operating Costs Analyses.
The framework of this section and the organization of the data are similar for the
Area Maritime (AMSP), Vessel (VSP) and Facility Security (FSPM) Plans. Reports are produced
automatically for Audits, Measures, Cost Estimates, Priorities, Financial
Analyses and Equipment Systems Maintenance & Certification.This screen is accessed from the Audit. The
Audit
screen will automatically down load data to the Measures data screen into the
boxes titled Image,
Location, Item No,
Item/Feature, Obs/Def/ Notes and
Priority. Maintenance deficiencies of equipment and operating systems that have
been selected in the Audit are also downloaded.
The Task box provides a menu from which a task is selected that applies to the
numbered Item/Feature, its deficiencies & observations.
Cost estimates are made for each specific task for each numbered item. The cost
data, descriptions of the item, feature, deficiencies, measures task and
priority are assigned to a file from which reports are made. Support is provided
to the business office for the financial analyses of proposed capital improvements.
|
Security Vulnerability & Incident Tracking
The purpose of the Security Vulnerability & Incident Tracking section is two
fold:
1) To continuously update the prioritized list of asset vulnerabilities
that have already been
made in the plan development process and actual incidents
that have occurred. And
2) To report and record actual security incidents,
threats, early warning signs and the results
of person ID queries.
The use of risk-based analysis and the record of actual incidents, which include
tracking of incident early warning signs, threats and person ID queries thru
national ID databases are effective tools to plan, train, prepare for, mitigate
and prevent the endangering of assets and the occurrence of security breaches.
An important application of risk management combined with factual incident
information is the economics of what assets with what vulnerabilities should be
supported with personnel, operational and capital resources. The findings of the
risk-based assessment models are incorporated in the Asset Vulnerability data
menu and applied to the security incident management process.
The port security assessment model developed for Area Maritime Security Plans
employs four levels of risk assessment. They are criticality, threat,
consequence and vulnerability of which the combined assessments of an asset are
assigned a single score, ranking or priority. The Transportation Security
Administration's "TSA Maritime Self-Assessment Risk Module" (TMSARM) and TRAVEL Programs
have also been developed for risk assessment of assets of Vessels and Facilities
Security Plans.
Security Vulnerability & Incident Tracking Screen
 The
Incident Occurred and
Incident Threat/Early Warning Sign (Inc'd
Threat/EWS) menus access
the list of security incidents that have already been developed for the Security
Incident Management section. The Asset
Affected menu presents a list of the
entity's structures, security systems, stores, assets etc.
The Asset Vulnerability menu consists of a list of the assets of which the
entity has performed a vulnerability assessment-risk analysis and assigned a
priority. The Asset
Vulnerability data and priority appears in this box by
default, as a result of the asset that has been selected from the
Asset Affected
menu. The Image button is used to access a plan, vicinity map or a digital
photo. The Location and
Incident Number of each incident is recorded on the
image. The image with the designated locations is produced as an Image Report in
combination with Incidents Reports.
The Person ID/Tracking button presents a
form for entering the ID of a person involved in an incident. Depending on
the users security clearance they may be able to make database identification and credentials queries with national ID
Management Systems such as the Office of National Risk Assessment. The date and
time of each incident or incident threat that has occurred is recorded. Drop-down
boxes provide a list of the names of reporters and a list of agencies such as
fire, police, Facility Security Officer, National Response Center and others,
who may be automatically notified of the incident. |
Images, Reports, Configuration
 Images
1) All types of images, maps, Floor Plans, Diagrams and Photographs are accessed
with SPSS.
2) The Area Maritime Map is used by The Captain Of The Port (COTP). Facility
tenants, owners and operating companies are responsible for management of the
security plans within their particular Zone Map. These maps are linked to other
modules of the SeaPort Security Software program for the purpose of identifying
locations in connection with the Facility Structures Audit & Measures,
Security Vulnerability and Incident Tracking and the
Security Incident
Management screens.
Area Maritime
On the Area Maritime Map the various zones are indicated with heavy dotted
lines. A click on the "F" zone displays the Zone F map. The scale and North
arrow and other data are indicated at the top of the screen.
The screen of both the Area Maritime Map and the Facility Map scrolls vertically
and horizontally to display the entire port/facility area. The examples that are
shown are not related to any port or any facility. The material selected for
this example is from a source that is available to the public.
|
Zone F Map
 The
Zone F Map, (shown on the right), represents the area, which is
incorporated in a particular facility's
Facility Security Plan.
The Facility Structures Audit & Measures section makes use of the map for the
purpose of identifying the location of structural and physical items that are
the subject of the Audit and Measures. For example, as shown in the Facility
Structures Audit, locations 1 and 2 indicate access gates that are not
monitored. The Measures indicates the task and cost estimates; all done
automatically from menus and pull down boxes.
The Security Vulnerability & Incident Tracking section makes use of the map to
identify the location of where an incident or threat occurred or where the
affected asset is located.
The Security Incident Management section and the many Incident Component
Procedures, especially Preparedness, Response and Planning Procedures use the
map to locate equipment, staging, safe & command areas, control valves,
communication points, exits, etc.
Separate maps are produced for each related section and that particular section
report.
SECURITY INCIDENTS:
Access to port facility unauthorized
Access to ships unauthorized
Access to restricted areas unauthorized
Armed/unarmed person with hostage
Attack from air
Baggage unattended
Blockage of port entrances
Blockage of channels
Blockage of locks and approaches
Bomb threat
Breach of seals and locks
Damage to facility by arson
Damage to facility by explosives
Damage to facility by sabotage/vandalism
Damage to ship by arson
Damage to ship by explosives
Damage to ship by sabotage/vandalism
Hijacking of ship
Hijacking of persons on board ship
Oil spills
Hazardous material spills
Heavy weather
Pollution by ships
Physical Assault
Electric power failure
Water supply failure/contamination
Gas supply failure
Nuclear/Radiological attack
Bio/Chemical attack
Smuggling of aliens
Smuggling of drugs & contraband
Smuggling of equipment
Smuggling of weapons of mass destruction
Tampering with security monitoring systems
Tampering with equipment
Tampering with cargo
Tampering with ship stores
Unauthorized explosives/incendaries on site
Unauthorized weapons on site
Use of ship for destruction or incident
INCIDENT COMPONENTS
Each security incident will have a set of
incident components as follows:
Preparedness/SOP
Response
Recovery
Prevention/mitigation
Planning
Training
Drills/exercising
Each incident component will have a set
of communications procedures and
a set of deployment of personnel,
supplies and equipment procedures.
Each security incident procedure will
have 3 MARSEC Levels.
|
|
